NOTE: this post is entirely personal. The opinions are my own and do not represent Fedora or Red Hat. The facts, however, are all 100% truthy. 😉 Just to make it 100% clear for any visiting journalists etc. who don’t know me: I work for Red Hat, on Fedora. I am not unbiased and am not claiming to be, but I am claiming that the concrete stuff I say below is true.

You may have read some stuff this week about an application delivery mechanism called Snappy and how it’s going to unite all distributions and kill apt and rpm!

This is, to put it diplomatically, a heaping pile of steaming bullshit. You may not be surprised to learn that said pile has been served by the Canonical press department.

The source of all this press was this gem of a press release, which has been widely covered in a fairly…uncritical way by severaloutlets. Even Ars Technica, which is usually fairly good at doing actual journalism rather than just unquestioningly paraphrasing press releases, gave it a pretty anodyne write-up.

The press release and the stories together give you the strong impression that this thing called Snappy is going to be the cross-distribution future of application delivery, and it’s all ready for use today and lots of major distributions are buying into it. In the press release you’ll find stuff like this:

“Developers from multiple Linux distributions and companies today announced collaboration on the “snap” universal Linux package format, enabling a single binary package to work perfectly and securely on any Linux desktop, server, cloud or device.”

The stories have headlines like “Adios apt and yum? Ubuntu’s snap apps are coming to distros everywhere” and “Snap Packages Become Universal Binary Format for All GNU/Linux Distributions” (jeez, I particularly love that one).

So what are the problems with this happy-clappy story? Several of them!

First let’s be clear: Snappy is a Canonical project. The press release was issued, I think, sort of as if it came from some sort of independent or cross-vendor project, and there’s the snapcraft.io site to back up that impression, but every Snappy committer is a Canonical employee, and contributions to Snappy require signing the notorious Canonical CLA:

“Contributions are always welcome! Please make sure that you sign the Canonical contributor licence agreement at http://www.ubuntu.com/legal/contributors”

Now, does Snappy actually have the cross-distribution buy-in that the press release claims (but never outright states) that it has? No. The press release sure sounds superficially impressive:

“Developers from multiple Linux distributions…Snaps now work natively on Arch, Debian, Fedora, Kubuntu, Lubuntu, Ubuntu GNOME, Ubuntu Kylin, Ubuntu MATE, Ubuntu Unity, and Xubuntu…Together, these distributions represent the vast majority of common Linux usage on the desktop, server and cloud.”

but it’s a pretty big mis-representation. The other distributions cited have not actually declared their support for Snappy and said ‘yes, this is how we want applications to be distributed in future’. Canonical employees have independently built and released Snappy packages for those distributions. This is the basis of all the press release’s claims. For instance, the Snappy packages for Fedora are in a COPR – COPR is a system like PPA that lets anyone build packages – maintained by a Canonical employee. The sum total of communication between Canonical and Fedora before the release of this press release was that they mailed us asking about the process of packaging snappy for Fedora, and we told them about the main packaging process and COPR. They certainly did not in any way inform Fedora that they were going to send out a press release strongly implying that Fedora, along with every other distro in the world, was now a happy traveler on the Snappy bandwagon.

There is in fact another system with very similar goals, which is now called Flatpak and was previously called xdg-app. To be as fair as I can, I’ll say that Flatpak is quite heavily Red Hat influenced: the main author of Flatpak is Alex Larsson, a Red Hat employee. It is not, however, a “Red Hat project” to anything like the extent Snappy is a Canonical project. There are more than 20 other committers to Flatpak, most of whom are not RH employees (and including contributors to several other distributions). Flatpak is not under any corporate CLA. Insofar as Fedora is supporting one of these systems, it’s behind Flatpak. No other distribution besides Ubuntu is particularly committed to either system, so far as I can tell. Flatpak and Snappy both began, so far as I could find from internet research, in December 2014. Canonical’s press release, of course, doesn’t even acknowledge Flatpak’s existence…which is kind of par for the PR course, but you’d think at least some journalists might go out and do a bit of independent research.

UPDATE: since writing this post I’ve also been made aware of another system, AppImage, which has been around somewhat longer than Flatpak or Snappy (though not necessarily their forerunners). I know little about it so I will say little, but one thing to note is that – so I’ve heard – it does not attempt to do sandboxing like Snappy and Flatpak do, which is a major feature of those two implementations. It’s purely an app bundle format. But hey, it’s a choice! And it’s been around a while!

Neither Snappy nor Flatpak is at all close to being ‘done’, in the sense of being a credible system for cross-platform app distribution with buy-in from software publishers and distributions. The PR’s claim that Snappy enables “a single binary package to work perfectly and securely on any Linux desktop, server, cloud or device” sounds lovely, doesn’t it? Let’s take a look at the truth. Taking Fedora as an example, the Snappy install instructions for Fedora – go to the Snappy site and click the Fedora logo – say:

# SELinux support is in beta, so on Fedora 24 you currently have to:
sudo setenforce 0

well, that doesn’t seem terribly ‘secure’ or ‘perfect’ now, does it? Along the same lines, the Fedora packages are actually compiled with Snappy’s confinement disabled. Confinement being the entirety of what’s supposed to be secure about this form of app distribution. If confinement isn’t turned on, you’ve basically just got a big blob with uncontrolled access to the system. Good luck with that.

AIUI, the builds for other distributions are in similar states.

Note that neither Snappy nor Flatpak can possibly provide meaningful confinement of apps running under X11, as mjg59 illustrated. Flatpak will only provide meaningful confinement with Wayland. Snappy, of course, is designed to work with Mir, though they claim it can/could (not sure which) also work with Wayland. But the point here is that neither Wayland nor Mir is out there in real widespread use by Linux users at present, yet here’s Canonical happily glossing over that point while they talk about how Snappy right now allows “a single binary package to work perfectly and securely on any Linux desktop”.

At the time this Panglossian PR was sent out, there were exactly two actual useful applications available as snaps: LibreOffice and Krita. Phoronix quickly found that the LibreOffice snap was huge (over 1GB in size) and buggy. The size issue was quite quickly resolved, but this just goes to show that reality is vastly different from Canonical’s claims. This stuff is in early Alpha or proof-of-concept state. It is not remotely ‘done’ and ready for practical use in the real world outside of the very limited contexts where Canonical was already using it.

Neither is Flatpak, of course. But this is why Flatpak’s developers have been communicating with technical conference presentations and blog posts and trying to build a dialog with application developers and distributors, rather than issuing press releases trumpeting how great Flatpak is and how it’s ready to kill apt RIGHT NOW.

Here’s another interesting thing about Snaps: the server end (the ‘app store’ bit of the equation) is closed source, and Canonical have been refusing to tell anyone how to run their own ‘app store’ – see the comment from Cassidy James Blaede, of Elementary. If you want to distribute your snaps, your choices are 1) publish it through the Canonical store, entirely under Canonical’s control, 2) upload it as a file and tell people to use the CLI to install it, or 3) try to figure out how to reconfigure the snap client to use a different server by reading the source code, then write your own server end from scratch, and tell your users to do that. Hmm.

So: Snappy is, like Flatpak, a heavily-under-development, interesting attempt to provide an app store-like app provision mechanism for Linux. It is not finished, it is not close to finished. It is not independent or cross-distribution, it is entirely controlled by Canonical. It does not have, so far as I can tell, meaningful buy-in from a single major distribution outside of Ubuntu. It does not work properly on other distributions yet and it likely will not do so in the near future.

But apart from that, sure, it’s all ready to kill apt and dnf tomorrow!

sigh

Now I’m sure I will get criticized for being mean and nasty and cynical and attacking Canonical instead of being constructive and all they want to do is make things better for everyone, Adam why are you such an ass?

Well, if Canonical actually wanted to work constructively with others, the way to do so would be to talk to them. We have forums for cross-distribution and cross-project collaboration. Lots of them. We have tech conferences where you can go and talk about your project and try to get buy-in for it. Canonical could have come to other distributions and said, hey, how about we all try to get together behind a single format and a common delivery mechanism for this kind of a confined app bundle?

But they didn’t. They just decided to send out a wildly misleading press release and actively encourage the specialist press to report that Snappy was all set to take over the world and everyone was super happy with that.

That’s not being constructive or working together with others. That’s being a bunch of asshats and trying to present the rest of the community with a fait accompli – and notably, a fait accompli in which Canonical holds all the strings (by means of the Canonical CLA controlling contributions to the client end, and the closed source, closed shop server end that is owned entirely by Canonical).

they don’t have to talk about it with all the ‘self-important grey-beards’, just all the people they heavily imply they’re speaking for in the press release. you can’t really claim to be building a cross-distribution app delivery system without actually getting any buy-in from any significant distributions at all.

Thank you for stepping up and saying all of this. I read the arstechnica.com article and immediately thought “man, you really got played by Canonical, didn’t you?”, but was disappointed to see that outside of a few comments, nobody has talked about the fact that snap is basically a client for a proprietary Canonical app store, so can’t be adopted as any kind of standard unless the situation changes.

See AppImage for a decentralized bundling system that allows upstreams to provide binaries (and binary delta updates) directly to end users without intermediaries. It is explicitly designed not to need special support from the distributions, and to allow an application downloaded once to be run on multiple distributions without re-downloading or installing it. http://appimage.org

Yeah but what is so bad about something that can make linux more simple to use if given some time?
Look I know, some hardcore linux users love arch and gentoo and must love how friggin long it can to take to compile a package but some of use actually have lives to get to.
Even right now when I dont have a job I dont want to spend six million years compiling software just so I can get the latest version of Vim/Emacs ratpoison and lynx so I can have my full bragging rights to be a hardcore linux user and not be some newb just coming over from windows.
Because anyone who may want linux to be just a tad easier to work with is such a horrible crime.

Please read the last bit of the post, as it’s specifically intended as a reply to this objection. I have no problem at all with Snappy itself or the people building it. I don’t see it as a Wayland / Mir situation at all. This is why I’ve never said anything bad about it before now. The only thing I have a problem with is this ridiculously misleading press release which claims or implies that it’s highly mature and ready for widespread use, and has support from many other distributions.

But that’s just the thing, some users want a user friendly system where installing packages (among other activities) is fast and easy, and some users want something they can tinker with, customize, etc. You cannot force a cross distribution package format on them, they’ll just use something that doesn’t do that. So you’ll end up with two types of users: the ones that “have lives to get to” will use something user friendly like Ubuntu, and the ones who have lots of free time on their hands will use something that doesn’t even have an installation program. Which is exactly what we already have in Linux right now! So the whole Snappy thing is pointless.

Arch and Gentoo users know what they want. I’ts what works best for them. Hey if you don’t like vim/emacs+ratpoison come up with something that works for you and share. Or use leafpaf/gedit+Unity. It’s all about choice

Allow me to gve you a reply in the same tone that you disregard user diversity. If you don’t like Gentoo or Arch, it is most likely because you’re haven’t been able to use it in your main machine for at least a month, since when you got issues you just did not know how to solve them. So in short, just because you are a newbie you don’t have to shield and dismiss others with what they are doing. Compilation times nowadays have gone way down. I manage several linux servers, from Amazon Linux, to Ubuntu based and Funtoo containers. In all of them you have to spend time configuring it but wih Funtoo, getting things like php 7 in the exact configuration that you want, becomes a thing that you can totally do from official repos instead of third party ones.

I doubt snap gets too far. With Ubuntu going MIR and everyone else going Wayland, I see things going towards Flatpack. If they go anywhere, that is. I’ve heard this story many times in the 13 years I’ve been using Linux. So far no one has unseated apt,yum/dnf, pacman, etc.

I already specifically mentioned that in the post – “The size issue was quite quickly resolved”. I was quite clear about why I was mentioning it: the point is that at the time Canonical was issuing a press release saying how wonderful and mature and ready-for-use snap was, of the two useful things you could actually install with it, one was clearly a complete mess. That’s not a great look.

Sure, and that’s a valid context for it. But this isn’t a press release saying “it’s ready for use for specific purposes on Ubuntu phones!”, it’s a press release saying “it’s ready for use on all Linux systems everywhere!” Which it clearly is not.

And even on the phones/tablets its not exactly spectacular. I have the Ubuntu Touch tablet (BQ Aquaris M10) and the containerisation is basically preventing whole classes of apps from working properly. A simple example:

You put in a uSD card with photos and want to look at them in an image viewer. I guess this is something that should work, right ?

But the image viewer is running in a container, so it can’t access the card (and presumably other storage) directly, only through a portal. And the portal can only select single file at a time – which is really not an option if you have hundred+ photos on the card…

And just like Canonical sinned of disregarding Flatpak, you sin of disregarding AppImage, a truly community-led effort which is available right now and is as simple as it gets (download and run, no “handler” needed).

Sorry, I actually didn’t know about AppImage when I wrote the post. From what I’ve read since, though, AppImage doesn’t do the most novel / interesting thing that Snappy and Flatpak are trying to do, which is sandboxing. It’s purely a package blob format, which is honestly not a terribly difficult thing to do.

I’d say all the technologies I’m aware of still have a lot of big problems to solve. One of the most obvious is that there is still, AFAIK, no standard or consensus on the underlying interfaces for the app bundles. Both Snappy and Flatpak have technology for this, but no-one’s actually brought distributions or desktops together and made an effort to say “OK, we’re going to define some standard interfaces that app bundles can expect to sit on top of, and we’re going to collaborate to make sure those interfaces are available as Flatpak ‘runtimes’ and/or Snappy ‘interfaces’ across the major distributions”. So even if you want to release your app as a snap or flatpak today, how do you decide what to put in the bundle and what to expect the underlying distribution to provide? You’ve got no framework to make that decision, there’s nothing you can point to and say “OK, I can at least rely on the OS providing X, Y and Z”. So you either make your bundle huge (and probably make it not integrate very well with the system, if it’s bundling its own builds of all sorts of libraries), or you try to make it small and find it doesn’t work consistently or even work at all across distributions, which was the point of the exercise in the first place.

For Flatpak there is at least a GNOME ‘runtime’ which is I think the primary target for Flatpak packages for now, but that’s it, a single runtime that exists and that you can target, no more than that, and no written standards (AFAIK) that define what interfaces that runtime actually provides and that you can rely on it providing in the future. There is actually also a KDE runtime, but its description says “Do NOT use this in production, it’s work in progress and it doesn’t enable important safety features. It might also eat your pet or first-born.”

I haven’t checked this myself, but I think someone said the LibreOffice snap has no menu bar on non-Ubuntu distributions, because of the way Unity merges the menubar into the window header. That would be an example of the problem right there.

You are aware that you can run an AppImage in sandboxes such as Firejail or Bubblewrap (the same sandbox used by Snap{py, craft}? We’re working on making it easy to register the AppImage mime type with sandboxes. https://www.youtube.com/watch?v=7C9thHXPZd8

On the bundling-desktop-applications-without-sandboxing front, there have actually been quite a few attempts at that, and many of them reach beyond Linux to handle Windows and Mac OS X as well. The oldest one I’m personally aware of is Zero Install (which started way back in 2003): http://0install.net/

The other big thing the original press release misses is that data center and most internet-of-things use cases don’t need full GUI support inside the sandbox, so network-and-console-only sandboxes like Docker, rkt and systemd-nspawn are already entirely sufficient (and significantly more mature and widely supported than Snappy or FlatPak).

Wow, great write up. The points you’ve made are ones that I have commented on in other posts. Had I read this commenting, I would have sounded a lot more informed and probably directed them to this post for clarity.

You should keep writing. I enjoyed reading this. I like opinionated pieces that are based on truth. I am a little Red Hat/Fedora biased too. So it made me laugh a lot. 🙂

works qa
criticizes devs
creates divisiveness within a second-tier desktop os community

Great job. I honestly think holy warriors like yourself don’t want your platform to succeed on the desktop level. Maybe we could try to move towards a unified system that doesn’t involve a CLI and the accompanying stupidity? What do you think is keeping people from migrating to Linux on the desktop? It’s not the price, that’s for sure. What can we learn from this and how can we adapt? Become the changelog you want to see in the world.

I didn’t criticize any developers at all. I criticized a PR department. I don’t think there’s anything wrong with Snappy or its developers. I think there were an awful lot of things wrong with the press release Canonical’s PR department issued about it.

I’m inclined to agree with you on the facts of the situation. However, progress is a game of Kabuki theater. Canonical plays it better than anyone else in the Linux community. The facts don’t matter a damn bit, if history has taught us anything. PR departments are the psyops of standards warfare. What they do might well be as important, if not moreso, than what the coders and testers on the ground accomplish.

Standards and life are about perception. Embrace this, whether or not you like it, it’s progress.

I’ve been a linux user since the mid 90s. The evolution and spread has been remarkable to witness, and we’re now fortunate to have many high quality distros, catering to pretty much every imaginable niche. The sociological evolution has been no less fascinating, oustanding contributions from small concerns like Elementary to the Red Hats and Canonicals at the juggernaut end. The community is remarkably good at bringing the ship back in line with its moral compass if anyone goes too far off piste at any time (think Wayland/Mir). That diversity is an essential part to what binds linux distros and users collectively – and separates the ecosystem from the single vendor proprietary alternatives.

That’s all nice, but what’s the point? It’s this:

Multiple, mutually incompatible packaging formats don’t help linux. Not only don’t they help, they actively and meaningfully detract from the ecosystem.

If you’re an app builder, linux is a groan. Windows? Sure, package as an installer. Mac? Yup, chuck it in a .dmg. Linux? Oh bollocks. Right, I suppose I’ll need to do a deb. Oh, and an rpm. Or maybe people want to really type ‘configure, make, make install’. Do I need that as well? Ah screw it, I’ll just publish the source code and the users can work it out.

I’m not criticising that you’ve highlighted some shady secrets in Snap. And we know Canonical have history with jumping off down dubious side roads sometimes.

But seriously: put down the handbags. Mobile app stores show just how ludicrously easy it can and should be to find and install apps. If the combined bright minds at canonical and red hat just got together and said “y’know, app packaging isn’t a commercial differentiator between us. Let’s just come up with something great and agree on it” we’d all celebrate. We’d respect you more, revel in the simplicity and consistency, and rejoice that packaging our apps was as easy as win/mac.

Of course there’s nothing to stop arch/gentoo continuing with their approach. It’s part of what makes them different, and a great example of the richness and diversity in the ecosystem. But for most – dare I say “mainstream” – linux users, we don’t care about package management system wars. We just want something that works.

Let me say that again:

MOST LINUX USERS DON’T CARE ABOUT WHICH PACKAGE MANAGEMENT SYSTEM IS BEST.

They just want something that works. Consistently. Across distros. Because package management isn’t a competitive differentiator among mainstream distros. But it is compared to mac/win. And on that front, linux loses.

Red Hat and Canonical do great stuff. It’s great that commercial organisations support linux, and can be successful through it. So bury the hatchet. Kiss and make up. Take a step back, and realise that it’ll be better for everyone if you stop fighting and instead use the energy to enrich and unify the ecosystem. Stop sniping like hormone-overdosed teenagers and instead do something great.

I don’t care which one is best either. Have I ever written anything bad about Snappy before this press release came out? Nope. That’s not because I didn’t know about it, but because I didn’t have any problem with it. I am personally all in favour of working together on things; you may note I’ve spent most of the last year working on Fedora’s deployment of openQA, which is a system created by SUSE. Heck, I gave a joint talk with Richard Brown of SUSE at LFNW this year.

The whole reason this press release pissed me off so much is that it’s exactly how you don’t go about working well with others: by issuing press releases making grandiose and completely misleading claims about how great your system is, in an effort to effectively pressure everyone else to go along with your system – instead of actually working together with everyone else to come to a technical and social consensus. Do you know how we (Fedora) came to start using openQA? Because Richard spent one of SUSE’s hack weeks setting up a proof-of-concept openQA setup for Fedora then came and talked to us (Fedora QA folks) in a friendly way to suggest we could work with it. That’s awesome collaboration, and it worked out great for everyone. He didn’t do his little proof of concept then go and issue a goddamn press release saying “OpenQA Comes To Every Other Distribution In The World”, or something.

Have you noticed that there never seems to be any ‘bad blood’ between RH and SUSE? Or between RH and Arch, or SUSE and Arch, or Elementary and Arch or Elementary and RH or Debian and Arch or just about any other combination you can think of? No, whenever the ‘handbags’ come out, there’s just one common factor: Canonical. Always Canonical. Ever wonder why that is? Because Canonical as a company seems to be congenitally incapable of actually trying to work together with others in good faith. I don’t think this is the fault of Canonical’s engineers, many of whom seem to be perfectly good people. I think it’s a problem that comes from the top – from Mark – and has been built into the culture of their management and their public and community relations. They’re always doing stuff like this.

I wouldn’t say I’ve highlighted some ‘shady secrets’ of Snap. Nothing I mentioned is particularly secret – the technical people who actually built the packages and stuff didn’t try to hide it, it’s all right out there for anyone capable of understanding it to read. It’s only ‘secret’ insofar as Canonical’s PR department figured they could basically lie about it and no-one who read their press release would bother checking if any of its claims were actually true (by, e.g., asking any other distribution if they were buying into Snaps, or actually taking half an hour to look at the non-Ubuntu packages for snap and see what state they were in). And it seems they were mostly right.

What he likely means is that Ubuntu pre-existed Canonical by a year or so. Research and see for yourself. Of course, like most of the hieroglyphics of previous unpopular Pharoahs, the early history of Ubuntu seems to have been chiseled off all the monuments. You’ll probably need to dig up articles from back issues of Linux magazines circa 2001-3 to find anything to substantiate this now, though.

Note to anyone wondering where their comment went: I reserve the right to nuke any comment for excessive sweariness (I know I swear: my blog, my rules) and no-one including me gets to use unpleasant gendered swear words on my blog.

I think your comments are right on the money. I was originally sucked in by the wondrous stuff that Canonical published, until I
heard from the more sophisticated folks who know where to poke the holes. As it happens, I come from PCLOS, and in their Forum
many of the same gotchas were mentioned.

I think many of us–but certainly not all–would welcome more cross-distro commonality in app availability, and Scoop has sort of a point: “Mobile app stores show just how ludicrously easy it can and should be to find and install apps.” But unless I’m missing something, these apps are no more independent than Snappy. As I understand it, all of them are controlled and approved by Google, even tho they may not be written by them.

Thank you so much for writing this article. All of this really needed to be said. I have written an article which does not address the truly scandalous nature of what canonical has done. I think the two articles complement each other. I did not find this article until after I wrote mine. Interesting that both came to the same conclusion. I will update my article to fix any technical misinformation and give attribution to this one.

Press releases are not meant to be unexciting commentary. They are a marketing strategy. As such they are designed to promote one particular viewpoint…that of the source. It may be that Flatpacks are going to be distro agnostic and may have an open source repository server code. Canonical appears to be suggesting that they may at least canvas for other distros to join the club…including RH/Fedora. The reverse could be true in the future. All in all perception may be governed by the spin that is applied, or by ones own prejudices or bias. I am glad you declared your own position early on. It helps me contextualise the rest of the article. My personal opinion? I think Snappy is a good thing and hope it is widely adopted. Perhaps that is because no press releases from RH regarding flatpack has had such an impact (at least I had heard of neither Flatpack nor App Image before). But nice article, thanks.

You are absolutely correct in the purposes of press releases – and Canonical seems to do a great job in this regard. The media however continue to be a disappointment. Instead of doing journalism, they seem only to parrot talking points – which does a disservice to their readership. I don’t want spin… I want facts – and it appears the press release was misleading at best. I already view many of the Canonical articles with a healthy bit of skepticism – and this press release IMHO didn’t do Canonical (or their media sycophants) any favors in the credibility department.

I was asked in the press briefing if RH would adopt snaps, and I answered completely truthfully that I did not know, but that the RH team had asked for a detailed briefing on snaps which we had been glad to provide. Your team called our team to discuss snaps, to discuss porting them to Fedora, and then decided instead to invest in duplicating the capabilities of snaps in your own codebase. That’s exactly what happened.

Adam, this is your spin, and the only propaganda on the issue is yours. You know we don’t write headlines any more than you write headlines. Headlines are written to attract readers. You know we DID engage with your team. You know that snaps DO provide a whole stack of capabilities that your own code does not and which you are now determined to duplicate.

That’s fine – really it is – but I think your calling us propagandists and liars is disgusting. You know full well there is more truth to our position than you’re acknowledging, and this blog and your comments very deliberately conceal much of the behind-the-scenes conversations that have taken place, as well as the fact that there ARE plenty of people who want snaps in places you control.

So you want to make your own version of snaps instead? That’s fine. Go ahead and compete on technology. Calling people names in order to shift the debate from the technology to the politics is pathetic.

I only just found this comment, but no, for the record, I don’t “know” any of those things. Please note, I work on Fedora. Not anything else. Red Hat is big and I don’t know what everyone in it is doing. It’s possible some other team in RH talked to you about snaps (though based on your documented history of flat out lying about things, which I have documented here many times and which you’ve never actually refuted, only yelled at me about, just like you are here I’m disinclined to take your word for it).

But I did check with all relevant Fedora people before writing this post, and no-one said they had received or initiated any contact with you about snaps beyond an inquiry about whether it could be packaged for Fedora, to which we gave a pretty standard reply.

It’s kind of funny how your response to this kind of criticism is always to suggest that it’s the other person who wants to talk politics not technology. No, it isn’t; it’s always you who wants to do that, Mark. But you do it in such a passive-aggressive way – by making wildly controversial claims as if they were undisputed truths, then acting hurt, shocked, saddened and amazed when anyone has the temerity to challenge you – that you seem to have convinced yourself you’re always being wronged…

“UPDATE: since writing this post I’ve also been made aware of another system, AppImage (…) so I’ve heard – it does not attempt to do sandboxing like Snappy and Flatpak do, which is a major feature of those two implementations.”

That’s actually not accurate, there are currently at least 2 sandbox implementations which are able to run AppImages, one being the Bubblewrap sandbox also used by Flatpak and the other being Firejail, which is even mentioned on the http://appimage.org/ homepage.

Well, saying “oh hey, you can wrap some external sandbox system around our packages if you like” seems somewhat different to the Flatpak and Snappy designs where it’s one of the core features of the whole system.

Ok. First of all, I’m not an expert here, nor a developer – just a user. But I have been using linux distros ever since 2003. It sounds like to me that all that snappy is going to do is make you snap – angrily!

For me the fact that this thing is using propietary servers sounds alarm bells ringing. I mean why would anyone want that? I thought the whole idea of gnu/linux in the first place was to steer well clear away from that type of thing. It’s a message which has been around for 20+ years now; a warning and I thought most people nowadays understood this – evidently not. Having propietary stuff? I think we would be wise to remember the old adage; “if you give an inch, they’ll take a mile”.

Sorry, no I’m going to call this one. Again I might not be an expert or a developer but I smell a rat on this one and it comes on top of a previous announcement. There’s something in all of this and this is why I say – I smell a rat – lurking in the shadows. It has a name, and that name is micro$oft.

How do I draw that conclusion? Remember a month or two back when M$ announced that ubuntu command line tools now worked native in windows? Now how did that happen – it didn’t happen by magic did it, yes? And note that nothing came the other way btw. It is my belief that canonical assisted M$ to get those tools working in windows.

How does that tie in? Well, run the clock forward. Canonical has the final say on what “apps” (what a horrible word, btw) are in its “store” (don’t you hate all this marketoid guff btw?), just like apple does; just like anroid does and just like M$ will in its own store. But then remember if there’s lots of “apps” in someway controlled by canonical in its store M$ could then buy that store, i.e. canonical itself. Ouch. And if enough people used it (snappy), that’d cause serious problems for gnu/linux users, yes? Congratulations, you just all got bought by M$.

Yes I know I could be wrong. Yes I might be out by a county mile. But something dosen’t seem right at least with canonical – them possibly helping M$ to get ubuntu command line tools to work in windows is another very big and loud alarm.

The more I look at canonical the more I see problems. If you want a look at the future btw, take a look at their “ubuntu tablet”. I forget where but I did read it isn’t even really ubuntu – it’s a cut down android with ubuntu on top; not much more than a really “good” chroot then I guess. And the “ubuntu” tablet comes with a whole host of c***pware which can’t be removed – lots of “scopes” that connect to propietary cloud services; no way to change the OS if you don’t like ubuntu (so no arch, debian, slackware, red hat etc.) .

Sorry canonical but you can keep your propietary whatnots, your scopes that you can’t get rid off (tablet), your slow-but-creeping love of propietary and your want to control. I can only speak for myself but I don’t want it.

Let me ask others – in your desire to find something – a package manager that “just works” what are you willing to throw overboard? What will you sacrifice? Do you really want to end up at a point like all the others; apple, android (google), M$ who spy and surveile you? You want in the end adverts everywhere and locks on everything?

I apologise for going off topic, and I guess a lot of people out there will probably think I am nuts or a wingnut or just plain wrong or just really stupid. But — again as the old saying goes – “you never know”. For me, alarm bells are going off and let us not laugh by that. Because – just what if I’m right?

Hello,
Can you please post a link to the source code of Fedora’s store server? (I cannot find it)
Can you please provide proof that those people which are not marked on github as working for Canonical, that they really are Caonical employees?
How is this post constructive?
Do you know that Fedora had similar CLA? How does it makes it better now that they changed it?
How does Canonical’s CLA makes it worse than other big names are using (Apache, Qt, Python, Fedora)?
A last point: xdg-app first commits where in 14 december 2014 (first test release as seen from mailing list was in may 2015), snappy’s initial release was on 9 december 2014 and from my knowledge it evolved from click packaging system.(this is what I found from my search).

There isn’t a store in the Flatpak system, exactly, and Fedora has not yet adopted Flatpak officially in any way. There has been code recently going into GNOME Software to support deployment of Flatpaks, and you can of course find that in the GNOME Software repo: https://git.gnome.org/browse/gnome-software – just check the log for ‘flatpak’ and, earlier, ‘xdg-app’.

“Can you please provide proof that those people which are not marked on github as working for Canonical, that they really are Caonical employees?”

That’s an odd question. Do we have to be ‘constructive’ in response to bullshit chicanery? When Oracle pulls some bullshit, does everyone have to be ‘constructive’ in their response? When Microsoft pulls some bullshit, do I have to be ‘constructive’?

Being constructive requires good will on all parts, and generally doesn’t make the news. If you read my archives, you’ll find acres of ‘constructive’ posts which didn’t make the news and thus don’t have 30+ comments. But yeah, I reserve the right sometimes to point out bullshit instead of being ‘constructive’. It’s my blog.

“Do you know that Fedora had similar CLA? How does it makes it better now that they changed it?”

No, it did not. We had something called a CLA, but it was not at all similar to Canonical’s. This has all been written about extensively by others; https://mjg59.dreamwidth.org/29160.html is a good concise explanation.

“How does Canonical’s CLA makes it worse than other big names are using (Apache, Qt, Python, Fedora)?”

“A last point: xdg-app first commits where in 14 december 2014 (first test release as seen from mailing list was in may 2015), snappy’s initial release was on 9 december 2014 and from my knowledge it evolved from click packaging system.(this is what I found from my search).”

Sure, that’s approximately what I found. It’s more complex than that, though, as both can claim earlier projects going back to 2009 or so as ancestors in some sense or other.

Hi Adam,
This Montrealer says “The first to market sets the standard!” Canonical is trying to set the standard.
In another way, I can envisage Canonical trying to repackage stuff so that maintenance and quality of deliverable can be guaranteed.

I agree with your “rant”, and I appreciate your concerns about premature system designs being nominated as the standard.

I agree with Adi.
On a different note, I quit using RedHat back in 2005 and never used Fedora. And I have not been using Ubuntu in last six years. For my work I use Debian and SmartOS. As to the post, I got an impression that some guys at RedHat/Fedora got very anxious because of new developments at Cannonical. It seems, the old times are gone, the latter are also in bed with M$, which may feel like a threesome now. As to me, quite honestly, I do not care about either Snappy or FlatPack or any other stuff from either Cannonical or RedHat. Who cares about yesterday? What guys at Data Centers care about are infrastructure and containers and their orchestration solution technologies.

I have look at actual packages that are available to install from Ubuntu 16.04:
sudo snap find
and it lists 62 packages. Currently there is no LibreOffice listed, but there are Krita and VLC. So it looks like LibreOffice is not ready to be installed for general public.

What does Snappy do:
1. Security isolation.
2. Transactional – you can rollback to previous version.
3. Sandbox from existing system – testing new version is very easy, without breaking existing system/applications.

One of the two major problems with the press release is that 1) does not actually work properly yet. On non-Debian-ish distros, confinement is entirely disabled at build time. Even when it’s built, it is literally impossible to effectively confine an app running on X11 (only Mir or Wayland), and almost everyone still runs on X11 – see https://mjg59.dreamwidth.org/42320.html . So this is exactly the problem I’m talking about: Canonical is happy for you to run around talking about how Snappy “does security isolation”, when in fact it doesn’t at all, yet.

It is somehow expected this is young package manager and little (or a lot) bit of push from Canonical employees is expected. But I do understand the point, currently there are not many snap packages and we will see in the future if this package manager is going to be successful or not. Most probably it is not going to be used much outside of Ubuntu. We will see…

Yes, I know about this, I have read an article about X11 can’t be really secured in the way snap are trying to do currently. It is currently another PR trick. But someday it will be secure, when using Mir or Wayland, I get it it is still a trick today, isn’t it.

Well of course it isn’t. It’s a blog. Blog posts aren’t supposed to be up to date. My god, I’m imagining a world where I have to wake up every day and update every blog post I ever wrote, and it’s terrifying. 😉

Because of the press release, lots of people started playing with snappy, and built more snaps. So of course there are more now then when I wrote the article. But also, I think there’s a difference about where we’re looking for snaps, I think I was looking somewhere different than you; there definitely are LO and Krita snaps, they were referenced in the PR and articles.

Anyhow, my general point is that when the press release was issued not a lot of stuff was available as a snap, and those that were available were not exactly polished, end-user-ready stuff.

“Well of course it isn’t. It’s a blog. Blog posts aren’t supposed to be up to date. My god, I’m imagining a world where I have to wake up every day and update every blog post I ever wrote, and it’s terrifying.”

Ahhhh, sorry I was not clear enough. In my post I have been referring to my previous post. So site https://uappexplorer.com/apps?type=snappy it looks like it is not up to date or I just don’t understand what it is displaying.

True, Canonical takes time with his initiative Snap Ubuntu-specific (before the press release), but the funny thing is that most of these applications have been built for them (employees of Canonical) and other volunteers, however the idea behind it is that are software authors who are distribute their applications directly. Again, this gives the wrong impression that developers are interested in this distribution system.

In my humble opinion. Developers are interested in a system (ecosystem) that works. That is the only reason I still use Windows (beside Linux), because there is always some program that will gonna run fine on Windows and not available on Linux (like updating GPS device, IRS application using Internet Explorer plug-in, local photo shop only offering Windows version of application).

What I would like to write is, developers are interested in working ecosystem. Why would now developers bother to create snaps if only Ubuntu 16.04 (not even older versions of Ubuntu like with PPAs) can be targeted.

Creating a ecosystem is difficult. What in my humble opinion Canonical is trying to do is creating little bit a push to demonstrate how easy it is to create a snap.

What is currently also needed is some GUI application that supports snap. Currently there is only command line option, which is not really suitable for average Joe.

It looks to me that standard practice of PR is rushing it to early to much. To get some interest from people early. We are not used to when application gets out like version 1.0 it is not stable enough, it is actually in alpha or beta stage and should not be used by average Joe at the moment of release. Just like Ubuntu 16.04, I have installed it two weeks ago and having many many problems, but problems are being solved one at the time. It is needed a mass to go from few (alpha/beta version), to official release (early adopters), to normal release average Joe, to super stable Joe’s grandma.

Certainly something needs to be done about Linux application installation. The current distro/repository system is pathetic. The applications obviously should not be distro specific, and even more so should not be distro-version specific. I would welcome any solution that works, even if it is not all that secure.

However, i cannot help but think that a better solution to making applications universal in Linux would be to do away with all the me-too slightly-different-wallpaper Linux distros. What really makes the Mac, Windows, Android environments easy to install on is that there is only one of each. Do we really need hundreds if not thousands of Linux distros and all these skilled developers wasting their precious time doing the exact same thing over and over again every six months or a year on all these stupid distros?

What I like about Linux is (I use it for last 8 years) I have never ever install a malware, half backed commercial trial etc in Linux. Package maintainers takes care of this. You can’t package malware and expect to be a package maintainer any more. Not possible.

What isn’t there only one united Linux, because of open-source. You can take open-source, change it at release. You can’t take e.g. Windows code and release, because company will not allowed you to do this.

The biggest strength of Linux is diversity, there can’t be a single player to rule all others out of the game. There are stronger and weaker players, but non of them is one single rule others out player.

To get this strength (diversity), you get into complicated world where nothing gets easy. But this diversity has it’s costs. There is very hard to create an application to target bigger portion of Linux ecosystem. And Linux ecosystem on desktop is small by itself and it is going to be difficult to get much bigger because of its nature (diversity).

For example it is logical it is waste of public money if IRS is obligated to create a Linux version of program. They can create Windows version and 99% of people are going to used it. Creating Linux version is a lot of wasted time/money. And if they decide to create Linux version, they will probably build Ubuntu or Suse or Fedora or something popular, that will target like 20% of Linux users (I don’t know exact numbers), what about all others.

You say that “The biggest strength of Linux is diversity” whearas i would say that is its biggest weakness. There are perhaps three major web browsers for Linux (Firefox, Chrome, Opera), not hundreds or thousands, and two major email clients (Evolution, Thunderbird), not hundreds or thousands. Why does there need to be all these hundreds of distros? Do we really need a distro for each particular specific purpose? Do we need a Monday distro and a Tuesday distro, one for each day of the week? Windows users, which far outnumber Linux users, seem to be quite happy with having just one Windows version, or perhaps three or four if you count the older releases. Do you see Windows users or Mac users or Andoird users clamouring for there to be hundreds of different versions? There are only two versions of the iPhone at any one time. I have not noticed any forum posts by agitated iPhone users asking for there to be twnety of thirty different types of iPhone. In fact i would argue that the lack of choice in the Apple range of poducts is a major part of the reason for its stellar success.

People often state that choice is one of the great aspects of open source or free software, but there seems to be little logic offered to back this up. Sure theres lots of choice, but can we blithely assume that must be good?

There are four or five major Linux desktops, not four or five hundred. The operating system is supposed to be the backbone of the computer – its the apps that you use a computer for – they run under the OS. We really don’t need hundreds of OS’s, especially when they are all virtually the same.

I agree 100% with Phil. The reason most developers make Windows and Mac versions, is they don’t have to target all the distros.. If there was one distro that ruled them all, they might start seeing it as an option? Maybe while we’re at it, make everything accessible with shared objects (.so), and an actual API at one source (like Microsoft/Apple).. Instead of 1000’s of different configuration file standards (the app has it’s own config standard in /etc/ usually).

Do we really need to have command line only programs, then have GUI’s that interface with the app by using STDIN? C’mon, this is pretty disgusting if you ask me, but oh well.. I’d be happy at this point for a smooth boot without seeing my splash screen look so ugly, and doesn’t black out (NVIDIA), and show the login screen text before lightdm, or a grub text menu.. It’d be nice to just have a smooth, brilliantly animated experience that didn’t feel like each segment was developed by pasting yellow and green bricks together.

The size was 1 GB because of debug feature was turned on. Now two snap packages where created “libreoffice-debug” (the one with 1GB) and “libreoffice” (287MB) for non-debug use. From installation instruction is is also obvious LibreOffice is not in snap repository yet. I has to be manually downloaded/installed.

P.S. By this sample it is also obvious that Ubuntu Software Store is not a requirement to install snap package.

You’d better read Adam’s blogpost properly. He doesn’t say you cannot install snaps independently on the Ubuntu Software Store. Yes, you can install individual snaps, but who’s going to take care of updates? Are you going to check every day if the snap you manually downloaded has been updated? Right now, there is no open, independent implementation of snap repo/store, just the one controlled by Canonical. As Adam writes you have two options: 1. implement your own store and modify the client to work with your store, 2. submit snaps to Canonical’s repo. On the contrary, Flatpak allows you to easily create your own repo and distribute updates directly to your users without Red Hat being anyhow involved. See the difference?

Why oh why from all the wonderful distros out there people seem to choose the worst of them all…….

this publicity is pretty much like that one about ubuntu being the easiest distro to use. Easiest?!?! Where?! I find Opensuse, for example, a lot easier to use that ubuntu. I don’t have to touch the CLI if i don’t want to, for example. But there are others easier!!! But noooo ubuntu is the boss!!! the easiest to use… yeah… in their dreams!!!

People don’t look whats beneath. They walk on ice like they’re walking on rock… i wonder what will happen when they feel the cold icy water…

the best canonical has in their office are the publicity guys (even if they deform the truth sometimes)!!! They do a great job (Seriously!!!). Without that guys canonical would already gone the way of the Dodo.

Adam, you covered AppImage in passing and I’d like to provide a little more info there. You said you were not sure if AppImage provides a sandbox. It does not, by default, but AppImage programs can be run inside Firejail. Firejail not only provides a sandbox, but it also guards against X-related attacks (like keylogging) which Flatpak and Snap do not, at least not without Wayland/Mir. So with AppImage you can run apps exposed or in a sandbox. In the latter situation it’s actually more secure than either alternative right now.

boring. its crap like this post that embarasses me the most about linux. i dont watch soaps on tv and i sure aint gonna join a camp based on butthurt. grow up a little bit. in my world walking the walk wins. if you put half as much effort into making this system usable as you all collectively whine about, there wouldnt be a need to express such noise.
i dont give a rats arse what company does what. if you are in for a penny, you are in for a pound. stop telling me you are better than everyone else and show me. because until you can, all i will remember about flatpacks is second place whiners. i want a system that is as truly independant as possible but moreso i want ease of packaging. right now snaps wins. if you can free up the dependancy for gtk3 version “whatever is stable today”. it might be worth a second look.

Everytime Canonical releases a product and advertise it(Canonical is for profit), someone at Redhat will cry foul.
It seems there are three camps in the Linux world, Anti-Canonical which is pro Redhat, pro Canonical, and neutral people who uses both RPM-based and Deb-based.

Anti-Canonical seems to be very vocal, like atheists posting garbage at quora.

I really don’t think Anti-Canonical are necessarily “pro Redhat” and i wouldn’t put them in 3 groups. I would put them in 2: people that love OpenSource and, as such, has a main interest in advancing technology that can be used by everyone (and normally these people tend to post things has they really are) and everyone else… 😉

so… there is no such thing as Anti-Canonical! Just people who do like the truth simple and clean 😉

sounds like sour grapes to me. if i peel away the smoke and mirrors, the ones whining the loudest are angry they didnt do this first. thats all. you can damn well bet fedora wishes flatpack was the only contender. this stuff is rich, really good entertainment. grown men crying. fedora will never get over this because they have assumed the role of aggressor. this makes the people behind flat pack look angry, violent untrustworthy and even unreliable. if i had to choose a food based on the way ubuntu and fedora run this campaign, then snap me cuz flat packs leave me hungry.

Well , I have seen Red Hat biased views here and am a bit saddened by the spew from them but not surprised. Red Hat thinks it is the Big God of Linux but it is been far more controlling in the way it promotes its Limited System. This causes me to have a bad taste in my mouth for Red Hat. There is No use of bashing another Linux distro and Mark Shuttleworth has always been a Gentleman in that. I have been on Red Hats article sites and read their bashing of anything but Red Hat. Ubuntu has brought more regular NON geek users to Linux than any other distro. Where is Red Hat on the phone and tablet? Red Hat is great in servers and ok in cloud. Things are evolving and Red Hat is Not the Big Dog it arrogantly thinks it is in the Future. Wonder why AT&T just to mention one a many that are moving to Ubuntu/Canonical? There is room for all without bashing one another in this fast moving tech world. Egos and lack of understanding by the Red Hat biased folks here is distasteful. Linux Forever.!!!

Now, I don’t know if anyone else has noticed recently, but Canonical Ltd. seems to be slowly but surely moving away from open source and the FOSS community. Yeah, sure, they open-sourced Ubuntu, but even then, newer products like Ubuntu phone are closed source. You won’t ever see me on an Ubuntu phone because that’s how much I dislike closed-off, gatekeeper’s products. Then as pointed out above, the “app store” is closed off. Then, there’s collab with Microsoft, which to me was heavily irritating to watch Canonical do. There have been reports that Ubuntu’s website used to say “Ubuntu GNU/Linux” and now there’s no acknowledgement of the “GNU/Linux” part in order “not to scare users away.” A good part of the reason to move to Fedora for me at least a few days back was because I’ve noticed Fedora doesn’t try to be something it’s not like Ubuntu does. After so long, enough is seriously enough.

Heh, just came around this. It’s funny you get annoyed at a press release and what it “heavily implies”, yet you are not annoyed at what eg. Red Hat web site implies. Eg. page at https://www.redhat.com/en/about/trusted implies how “100% airlines” (from the Fortune 500 list) use exclusively Red Hat. No, it doesn’t say that, it says “100% airlines ‘rely’ on Red Hat”, but that’s the same PR tactic (how many airlines is that? 1 or 50? do they have RedHat on a single developers’ box along with a support contract or thousands of servers? to a critical eye, web site is plain horse-shit, just like Snappy PR is). Just like the Canonical’s PR is making the narrative imply something without really being untruthful (I know you might disagree with this bit as well, but let’s say what issues you bring up are “bugs” ;).

I suppose you are more annoyed at “journalists” picking that up and running with it as gospel.

I’ve long ago proclaimed that all marketing is evil as it transcends into the morally shaky ground of not necessarily lying, but using researched techniques (yes, actual science) to lead people to form an opinion favorable to the one who is advertising. I make an effort to buy shaving cream that is not for the “sensitive skin”, because every other one is (look, you slide a very sharp blade over your face and expect to not have irritated skin? good luck!).

This is a sales pitch to get software vendors interested in a technology in order to develop the last mile of that technology. I suggest you don’t get annoyed at it, because that’s how marketing departments work, including the one at Red Hat.

This wasn’t about the technologies, but the PR. FWIW, Flatpak is more of a desktop-focused thing than Snappy. I think the people involved with Flatpak generally think there are already enough tools for container-ish server deployment.

It is clear to me that your anger with Canonical already existed before this review.
While what you say may be 100% true,the conclusion is 100% anti Canonical. Here are some examples.
All servers are private. If they contain ilegal stuff the owner will have problems. It is a good practice to inform the terms of use of that server and make then agree.
But this is a non issue. The idea is for every one to have their own store instead of using the Canonical store. There, you dont have to agree with nothing.

Lxc and lxd are suported by the kernel. Every linux distro suports it. Small configuration values do not remove suport. Just join your distro maintainers team and activate them.